Vulnerabilities > Sympa

DATE	CVE	VULNERABILITY TITLE	RISK
2008-10-07	CVE-2008-4476	Link Following vulnerability in Sympa 5.3.4 sympa.pl in sympa 5.3.4 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/sympa_aliases.$$ temporary file. local sympa CWE-59	6.9
2008-04-02	CVE-2008-1648	Improper Input Validation vulnerability in Sympa Sympa before 5.4 allows remote attackers to cause a denial of service (daemon crash) via an e-mail message with a malformed value of the Content-Type header and unspecified other headers. network low complexity sympa CWE-20	5.0
2004-08-21	CVE-2004-1735	HTML Injection vulnerability in Sympa New List Cross-site scripting (XSS) vulnerability in the create list option in Sympa 4.1.x and earlier allows remote authenticated users to inject arbitrary web script or HTML via the description field. network sympa	4.3

Vulnerabilities > Sympa {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Sympa"}]}